CVE-2023-20057

A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. This vulnerability is due to improper processing of URLs. An attacker could exploit this vulnerability by crafting a URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for an affected device, which could allow malicious URLs to pass through the device.

CVSS

No CVSS.

Configurations

Configuration 1

AND
  • cpe:2.3:o:cisco:asyncos:-:*:*:*:*:*:*:*
OR
  • cpe:2.3:h:cisco:email_security_appliance_c160:-:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:email_security_appliance_c170:-:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:email_security_appliance_c190:-:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:email_security_appliance_c370:-:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:email_security_appliance_c370d:-:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:email_security_appliance_c380:-:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:email_security_appliance_c390:-:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:email_security_appliance_c670:-:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:email_security_appliance_c680:-:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:email_security_appliance_c690:-:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:email_security_appliance_c690x:-:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:email_security_appliance_x1070:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:40

Type: CVSS
  Values Removed: v2 : unknown; v3 : 5.3
  Values Added: v2 : unknown; v3 : 0.0

Type: References
  Values Removed: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-url-bypass-WbMQqNJh - Vendor Advisory
  Values Added: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-url-bypass-WbMQqNJh - Vendor Advisory

Type: Summary
  Values Added:
  • (es) A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. This vulnerability is due to improper processing of URLs. An attacker could exploit this vulnerability by crafting a URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters configured for an affected device, which could allow malicious URLs to pass through the device.

07 Nov 2023, 04:05

Type: Summary
  Values Removed: A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. This vulnerability is due to improper processing of URLs. An attacker could exploit this vulnerability by crafting a URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for an affected device, which could allow malicious URLs to pass through the device.
  Values Added: A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. This vulnerability is due to improper processing of URLs. An attacker could exploit this vulnerability by crafting a URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for an affected device, which could allow malicious URLs to pass through the device.

Information

Published : 2023-01-20 07:15

Updated : 2024-11-21 07:40


NVD link : CVE-2023-20057

Mitre link : CVE-2023-20057

CVE.ORG link : CVE-2023-20057
Products Affected

cisco

  • email_security_appliance_c160
  • email_security_appliance_c190
  • email_security_appliance_c670
  • asyncos
  • email_security_appliance_c370
  • email_security_appliance_x1070
  • email_security_appliance_c680
  • email_security_appliance_c690
  • email_security_appliance_c170
  • email_security_appliance_c390
  • email_security_appliance_c370d
  • email_security_appliance_c380
  • email_security_appliance_c690x

CWE
CWE-792

Incomplete Filtering of One or More Instances of Special Elements

CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')